Movatterモバイル変換

[0]ホーム
URL:

US8024808B1 - Arrangement for controlling content distribution by dynamically controlling bandwidth for transfer of the content based on content authorization - Google Patents

Arrangement for controlling content distribution by dynamically controlling bandwidth for transfer of the content based on content authorizationDownload PDF

Info

Publication number
US8024808B1
US8024808B1US10/212,689US21268902AUS8024808B1US 8024808 B1US8024808 B1US 8024808B1US 21268902 AUS21268902 AUS 21268902AUS 8024808 B1US8024808 B1US 8024808B1
Authority
US
United States
Prior art keywords
transfer
broadband network
user node
media data
content protection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US10/212,689
Inventor
Paul Harry Gleichauf
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Cisco Technology Inc
Original Assignee
Cisco Technology Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Cisco Technology IncfiledCriticalCisco Technology Inc
Priority to US10/212,689priorityCriticalpatent/US8024808B1/en
Assigned to CISCO TECHNOLOGY, INC.reassignmentCISCO TECHNOLOGY, INC.ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS).Assignors: GLEICHAUF, PAUL HARRY
Application grantedgrantedCritical
Publication of US8024808B1publicationCriticalpatent/US8024808B1/en
Activelegal-statusCriticalCurrent
Adjusted expirationlegal-statusCritical

Links

Images

Classifications

Definitions

Landscapes

Abstract

A broadband network device is configured, in a broadband network, for dynamically controlling an upstream link bandwidth of a user node configured for downloading content via a downstream link having a prescribed bandwidth and uploading content through the broadband network via an upstream link according to the upstream link bandwidth. The broadband network device sets the upstream link bandwidth to a bandwidth value optimized for minimal-size data (e.g., message-based) transfers and that substantially restricts transfers of media-based (e.g., digital video or audio) data transfers to substantially long time intervals. The broadband network device is configured for dynamically increasing the upstream link bandwidth to an increased bandwidth value optimized for media-based data transfers, based on an identified authorization. The authorization may be supplied externally, for example, by a content provider, or based on a verification supplied by an authorization server that the user node is authorized to redistribute the content. Hence, content distribution can be controlled based on dynamically controlling the upstream link bandwidth according to content authorization, substantially minimizing the occurrences of unauthorized content redistribution.

Description

BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to controlling network bandwidth of a user node in a broadband network and the protection of protected content, and more particularly to controlling redistribution of protected content such as copyrighted digital music, video, and the like.
2. Description of the Related Art
Broadband networks typically utilize asymmetric bandwidth allocation, where a network link from a user node at a customer premises to a network access server, also referred to an upstream link, has a substantially lower allocated upstream bandwidth than the corresponding downstream link from the network access server to the user node. Broadband networks typically provision bandwidth asymmetrically between the network access server and the user node based on an assumption that the upstream link will typically require less bandwidth than the downstream link. In particular, the upstream link typically will utilize relatively small-sized requests, for example, sending text-based HTTP requests to a web server or e-mail requests to an e-mail server, or sending e-mail messages, having sizes on the order of 10-200 kilobytes. In contrast, the downstream link typically is utilized by the user node for downloading digital content (e.g., application software, encoded audio, and/or video) stored in substantially larger data files, for example 10 megabytes (Mbytes) and above, often exceeding 100 Mbytes. For example, commercial Asymmetric Digital Subscriber Line (ADSL) providers may offer downstream rates up to 8 megabits per second (Mbps), whereas the upstream rate would typically have a maximum rate of 640 kbps.
Hence, any data can be delivered in the downstream link up to the allocated capacity, measured for example in terms of bandwidth. Any data can also be sent from the user node to a destination via the broadband network based on the capacity of the upstream link. In addition, certain protocol enhancements have been proposed to improve the quality of service for broadband content (e.g., broadband video services) by increasing bandwidth and/or minimizing latency. For example, broadband networks deployed using Asynchronous Transfer Mode (ATM) cell streams can partition bandwidth into “virtual circuits” to provide guaranteed quality of service. Broadband networks deployed using Internet Protocol (IP)-based networks may utilize the Resource Reservation Protocol (RSVP), established by the Internet Engineering Task Force (IETF) Resource Reservation Setup Protocol Working Group as Request for Comments (RFC) 2205, for setting up resource reservations in the Internet. In addition various proposals have been submitted to the IETF in an effort to provide improved Quality of Service in terms of optimizing delivery of broadband content.
A primary concern among service providers deploying broadband networks and content providers offering online media content (e.g., streaming video, video on demand, music on demand, e-books, etc.) involves the unauthorized distribution of content. In particular, data transmitted over the Internet is relatively unrestricted in that any user having access via a user node can distribute any data to any other computer. Hence, users can share files using peer-to-peer resources without providing royalty payments to content owners; such peer-to-peer resources have resulted in substantial enforcement efforts by copyright holders, as illustrated by lawsuits filed against Napster, Inc., Redwood City, Calif. by copyright holders.
Hence, substantial tensions arise between service providers and commercial content providers or content rights holders. In particular, the service providers offer data access services for users that enable the users to download, and potentially redistribute content. The content providers or content rights holders, however, are especially concerned about loss of royalty revenue due to unauthorized redistribution of copyrighted or licensed content after a commercial transaction involving payment by a user for content (e.g., a multi media file, streaming video, etc.). Although the content provider may require the user purchasing the content to agree to refrain from copying or redistributing the content, typically in the form of a licensing agreement, the content provider typically has limited means of enforcing the licensing agreement in a convenient manner. Note, however, that in peer-to-peer distribution models some receivers can elect to become secondary providers, owing a license payment from each redistribution point or receiver to the copyright holder. Such an arrangement, however, still does not guarantee payment of the royalty.
One proposal for limiting redistribution of content involves encryption, for example Secure Sockets Layer (SSL) connections between servers and user devices, to prevent eavesdroppers from obtaining contention information or associated transaction information without the necessary encryption key. The content itself also may be encrypted in the form of an encrypted media file, requiring the user to possess a decryption key which may be provided separately; such an arrangement, however, limits the flexibility of the user to utilize the encrypted content, for example if the user prefers to transfer the encrypted media file to another device within an associated home network. In addition, encrypted files require the ability to find the appropriate small-sized key when the relatively large-sized multimedia content object is used. If the key is lost, the user also loses the ability to access the content until someone determines how to “crack” the encryption cipher.
The restrictions imposed by encrypted media files also may be overcome by using MPEG encoder devices, for example the Replay TV 4000 commercially available from SONICblue, Inc., Santa Clara, Calif. Such MPEG encoder devices can encode and store decrypted content that has been recovered in the form of an the analog video signal for display on a monitor. Hence, decrypted content can be re-encoded for storage and transfer to an unauthorized user via the upstream link.
Use of embedded markers within an analog signal to indicate evidence of ownership and limited permissions-to use, also known as watermarks, can be used to limit redistribution and trace transfers of protected content, assuming the necessary redistribution is in place to detect the markers. However, watermarks can be removed once their existence and form have been determined. Hence, once a watermark has been removed, the formerly protected content can be sent across the Internet without an audit trail that otherwise could be used to trace the protected content.
SUMMARY OF THE INVENTION
There is a need for an arrangement that enables content stored in a tangible media file to be controlled in a manner that ensures that unauthorized redistribution is minimized with little modification to existing broadband networks. In addition, there is a need for a more flexible arrangement that enables a range of fair use practices for tangible media files to be deployed, for example the transfer between devices on a local home network.
There also is a need for an arrangement in a broadband network device that enables unrestricted downloading of content to a user node via a broadband downstream link (i.e., egress network connection), while restricting the ability of the user node to redistribute, via an upstream link (i.e., ingress network connection), the content without providing content protection attributes that enables traceability of the content.
There is a further need for an arrangement that enables unrestricted downloading of content to a user node via a broadband downstream link, while selectively optimizing the ability of the user node to redistribute the content by transfer via an upstream link, based on selectively increasing the upstream link according to an identified authorization.
These and other needs are attained by the present invention, where a broadband network device is configured, in a broadband network, for dynamically controlling an upstream link bandwidth of a user node configured for downloading content via a downstream link having a prescribed bandwidth and uploading content through the broadband network via an upstream link according to the upstream link bandwidth. The broadband network device sets the upstream link bandwidth to a bandwidth value optimized for minimal-size data (e.g., message-based) transfers and that substantially restricts transfers of media-based (e.g., digital video or audio) data transfers to substantially long time intervals. The broadband network device is configured for dynamically increasing the upstream link bandwidth to an increased bandwidth value optimized for media-based data transfers, based on an identified authorization. The authorization may be supplied externally, for example, by a content provider, or based on a verification supplied by an authorization server that the user node is authorized to redistribute the content. Hence, content distribution can be controlled based on dynamically controlling the upstream link bandwidth according to content authorization, substantially minimizing the occurrences of unauthorized content redistribution.
One aspect of the present invention provides a method in a broadband network device configured for providing an ingress network connection to a user node in a broadband network. The method includes configuring the ingress network connection to a first data rate that substantially restricts transfer of a media data file. The method also includes selectively setting the ingress network connection, for a prescribed interval, to a second data rate enabling unrestricted transfer of the media data file, based on a determined content protection attribute associated with the transfer by the user node
Another aspect of the present invention provides an a broadband network device configured for providing an ingress network connection to a user node in a broadband network. The broadband network device includes a network interface configured for establishing the ingress network connection with the user node at a selected data rate, and a processor. The processor is configured for selecting the selected data rate to a first data rate that substantially restricts transfer of a media data file. The processor also is configured for selectively changing the selected data rate from the first data rate to a second data rate for a prescribed interval based on a determined content protection attribute associated with the transfer of the media data file by the user node, the second data rate enabling unrestricted transfer of the media data file.
Additional advantages and novel features of the invention will be set forth in part in the description which follows and in part will become apparent to those skilled in the art upon examination of the following or may be learned by practice of the invention. The advantages of the present invention may be realized and attained by means of instrumentalities and combinations particularly pointed out in the appended claims.
BRIEF DESCRIPTION OF THE DRAWINGS
Reference is made to the attached drawings, wherein elements having the same reference numeral designations represent like elements throughout and wherein:
FIG. 1 is a diagram illustrating a broadband network having broadband network devices configured for controlling content redistribution by selectively restricting transfer of media data files by user nodes, according to an embodiment of the present invention.
FIGS. 2A and 2B are diagrams illustrating a default upstream network connection configured for substantially restricting transfer of a media data file and a dynamically allocated upstream network connection having a substantially higher bandwidth for a prescribed interval to enable unrestricted transfer of a media data file, respectively, according to an embodiment of the present invention.
FIG. 3 is a block diagram illustrating the broadband network device ofFIG. 1.
FIGS. 4A and 4B are diagrams summarizing the method of controlling content distribution by dynamically controlling the upstream network connection bandwidth based on determined content protection attributes, according to an embodiment of the present invention.
BEST MODE FOR CARRYING OUT THE INVENTION
FIG. 1 is a diagram illustrating abroadband network10 having broadband network devices, for example access servers (AS)12,routers13, or broadband network interface (NI)devices15, having bandwidth control resources configured for controlling content redistribution byuser nodes14 based on controlling upstream connection data rates, according to an embodiment of the present invention. Thebroadband network10, implemented for example as a high speed broadband content network deployed by an Internet Service Provider (ISP) for residential premises, business consumers, and the like, includesaccess servers12, at least oneauthorization server16, and agateway server18. Thegateway server18 is configured for establishing an interface between thebroadband network10 and a wide-area network19 such as the Internet. Theauthorization server16 is configured for providing content authorization information to theaccess servers12, described below.
Eachuser node14, for example a computer at a customer premises, is coupled via alocal distribution network20 to thebroadband network10. Thelocal distribution network20 may be implemented, for example, as a fiber to the home distribution network, a T1 connection for a business premises, a wireless broadband link, a cable headend aggregation point, etc. As described below, the bandwidth control resources used to control content redistribution by controlling upstream connection data rates may be implemented at the customer premises (e.g., within a multi-layer network switch (not shown) within theLAN30, within therouter13 at the customer premises, or the network interface15), or at the service providers location (e.g., the access server12). Hence, the disclosed bandwidth control resources may be embedded within a broadband network device at the customer premises, even though the bandwidth control resources remain under control by either the service provider or content owner as described below.
For ease of discussion, the bandwidth control resources will be described with reference to implementation within theaccess server12; however it will become readily apparent that the disclosed bandwidth control resources also can be implemented in therouter13, thenetwork interface15, a network switch, etc., or any other device capable of controlling a bandwidth connection between auser node14 and a destination network node.
Each broadband network device having the bandwidth control resources is configured for establishing a downstream broadband network connection and an upstream network connection. In the case of theaccess server12, theaccess server12 is configured for establishing adownstream broadband connection22 and anupstream network connection24. Thedownstream broadband connection22, also referred to as an egress network connection, serves as an egress point for broadband data from thebroadband network10 to thecorresponding user node14.
Thedownstream broadband connection22 is assigned by the corresponding broadband network device (e.g., the access server12) a maximum egress data rate (e.g., bandwidth rate) based on existing network capacity and existing traffic management procedures, enabling unrestricted transfer of media data to thecorresponding user node14, independent of bandwidth allocation operations associated with theupstream network connection24, described below. Hence, thedownstream broadband connection22 is assigned a maximum bandwidth rate based on network capacity, traffic management, and contracted service levels, for example on the order of 1.5 to 10 Mbps. Other data rates may be used depending on implementation, for example 1 Gbps for Gigabit Ethernet connections, or higher. Note that the term “egress point” and “ingress point” is relative to the broadband network device having the bandwidth control resources.
According to the disclosed embodiment,upstream connections24 are assigned by the broadband network device controlling the connection a “fast” data rate for certified user applications or user content having determined content protection attributes (e.g., certificates, etc.) indicating the user is authorized to perform the data transfer. In the case of an “insecure application” (i.e., where no indicia of content ownership or authorization has been exchanged between theuser node14 and the broadband network device), theupstream connection24 is set to a lower, “default” data rate, described in detail below. Note that the content protection attributes (e.g., a PKI based X.509 certificate, Kerberos ticket, etc.) may be stored at theuser node14, the broadband network device, or a content server (e.g., a content provider).
As illustrated inFIG. 2A, theupstream connection24 is assigned a default data rate (i.e., bandwidth rate)32 that is optimized for minimal-size data transfers, for example server requests according to existing web protocols (e.g., HTTP) and e-mail protocols (e.g., POP3, IMAP), and text-based e-mail messages, on the order of 1.5 to 10 kbps. The maximum default data rate of 10 kbps assumes that theuser node14 serves as an interface for Voice over IP services, which may require 10 kbps data rates for 8 kbps-encoded Voice over IP media streams. Note that different default rates may be used based on respective application signatures, where an e-mail application receives one rate, an e-mail attachment receives another rate, a file transfer protocol (ftp) application receives another rate, etc.
Hence, thedefault data rate32 is set to a sufficiently low level to allow transfer of basic server requests and e-mail messages having relatively small MIME attachments from theuser node14 to thebroadband network10 for insecure applications. Note, however, that thedefault data rate32 substantially restricts transfer of media data files26,28 that require a higher-speed broadband connection. For example, compact disc (CD) quality media players such as the commercially available Windows Media Player from Microsoft, Inc., typically require a minimum of 64 kbps bit rates for playing anaudio file26, stored as a .wav file or a file on an audio CD. Moreover, media players typically require a minimum of 28 MB of disk storage for compressed audio data encoded at a 64 kbps bit rate; higher quality audio encoding may require even higher amounts of disk storage. Consequently, any efforts by auser node14 to transfer a media data file via an upstream network connection24 (for example a peer to peer transfer between user nodes14aand14b) would require a user to endure a substantially long time interval to receive the lowest quality audio file (using the example above, a user node14aattempting to transfer a 28 MB audio file from the user node14bwould need to wait approximately 45 minutes for transfer via the 10 kbpsupstream connection24. Video files28 use substantially higher encoding rates, for example 1.5 to 6 Mbps encoding for MPEG-encoded video streams.
Hence, the inventor has realized that users attempting to share media files26 or28, for example audio CDs or DVDs via abroadband network10, typically will lose interest in attempting to transfer files as the transfer time substantially exceeds the play duration for the media data file. Hence, although users can still transfer large media files anonymously, users eventually stop attempting to illicitly transfer files due to the substantially long transfer times, especially if several hours are needed to transfer large data files.
Hence, unauthorized redistribution of protected content can be implemented effectively and economically by broadband service providers based on requiring a user to provide some form of a content protection attribute any time the user supplies a request for an increase in the ingress network connection data rate (i.e., upstream bandwidth) to a higher-bandwidthupstream connection34 to accommodate an efficient transfer of a largesized media file26 or28 or a media stream connection. The request for an increase in upstream bandwidth must include a determined content protection attribute associated with the transfer of the media data file by theuser node14, for example a digital representation of an authorization to redistribute the content, such as licensing key, or an ownership certificate. Absent a digital representation of an authorization to redistribute, theaccess server12 may request a content protection attribute in the form of a verification by the user of the user node claiming authorization for the unrestricted transfer.
Hence, use of the term “content protection attribute” refers to an indicium that may be stored and read to and/from a tangible computer readable medium (e.g., hard disk, EPROM, CD-ROM), or transmitted via a tangible transmission medium (e.g., cable, wireless propagation signal, etc.), and that specifies an attribute related to the user device having an authorization to distribute the content and that enables the transfer of the content to be traced back to the user device. As apparent from above, the content protection attribute may be implemented based on a user of theuser node14 supplying a statement that he/she is authorized to transfer the content.
Once the necessary content protection attribute has been received from theuser node14, theaccess server12 logs the content protection attribute, increases the upstream connection bandwidth to a high-bandwidth upstream connection34 (e.g., 1.5 to 10 Mbps), enabling unrestricted transfer of the media data file, and monitors the transfer metrics associated with the unrestricted transfer for any necessary auditing operations. If the content protection attributes have not been received, the default upstream bandwidth is maintained, enabling the user to transfer the data at the default data rate, if the user so desires.
Hence, deployment of an upstream bandwidth controller at the edge of thebroadband network10 enables the efficient control of content distribution by substantially restricting unauthorized transfers of the media data file to substantially small bandwidth connections, for example on the order of 10 kbps. In addition, the disclosed embodiment enables auser node14 at a customer premises to freely distribute the content within its own premises, for example within alocal area network30. However, any attempt to redistribute the content back into thebroadband network10 requires that theuser node14 supply a content protection attribute before upstream bandwidth is increased to allow unrestricted transfer of the media data file. The increasedupstream bandwidth34 is preferably set at a value substantially at the encoding rate, for example 64 kbps for theaudio file26 or 1.5 Mbps, 6 Mbps, or up to 10 Mbps for the high-quality MPEG encodeddigital video file28.
FIG. 3 is a block diagram illustrating in detail one embodiment of a broadband network device, implemented in the form of theaccess server12, according to an embodiment of the present invention. Theaccess server12 includes anupstream network interface40 having a default (low bandwidth)configuration42 for implementing thelow bandwidth connection32 that substantially restricts transfers of media data files, and ahigh bandwidth configuration44 for implementing thehigh bandwidth connection34 that enables the unrestricted transfer of media data files. Theupstream network interface40 is controlled by a processor portion46 having aselector resource48, and content protection attribute detectors50.
Different types of content protection attribute detectors50 may be implemented depending on the type of content protection attribute being utilized. For example, the processor portion46 may include auser verification processor50aconfigured for requesting a user verify that he or she has authorization to unrestricted transfer of a media file, for example in the form of the user completing an HTTP form: note that theuser verification processor50aneed not actually verify authenticity, but merely that theuser node14 states (for purposes of an audit trail) that theuser node14 has such authorization.
A licensingkey identifier50band/orownership certificate detector50cmay be utilized for detecting, within the media data file, whether a licensing key and ownership certificate are included within the media file, for example within headers prepended to the media content; in such cases, increasedbandwidth34 may be automatically allocated in response to receiving header information that specifies a bandwidth increase request, followed by either a licensing key or ownership certificate, eliminating the necessity for manual user intervention. Another example of automatic ownership detection by thedetectors50band/or50cmay include detecting a registered application sending a request having prescribed attributes (e.g., a prescribed IP address, a prescribed machine address such as serial number or IEEE 802 media access control (MAC) address).
The processor portion46 also is configured for accessing anauthentication server16, implemented for example as an Authentication, Authorization, and Accounting (AAA) server, in the event that content protection attributes associated with theuser node14 and/or the media file may be cached therein, for example in the case of a content provider or a licensed distribution company.
Theaccess server12 also includes alogging resource52 configured for logging of the received content protection attributes and transfer metrics associated with the unrestricted transfer (e.g., transfer duration and/or transfer size in terms of bytes transferred). The log generated by thelog resource52 may be analyzed later by anaudit resource54 within theaccess server12 to determine whether any inconsistencies are detected between the content protection attributes and the unrestricted transfer, for example if a media file expected to require only 50 Mbytes of transfer actually resulted in a 500 Mbytes file transfer, indicating an unauthorized transfer. The logging also can be used to encourage peer-to-peer licensed redistribution, since the request for authorized distribution can be authenticated, and messages can be sent to a content rights owner for royalty payments derived from redistribution rights.
As another example, if the application protocol requires the application to supply a unique transaction ID and additional signatures for the content file to be transferred, such as a file length, then the authentication server can wait until the broadband network device (e.g., the switch) verifies the signature (e.g. that the application has used up its length attribute allowance). If additional bits with the same tag continue to stream through the switch, then an alarm can be triggered for inspection of the log and traceback.
FIGS. 4A and 4B are diagrams summarizing the method of controlling content redistribution by dynamically controlling content distribution based on content authorization, according to an embodiment of the present invention. The steps described inFIGS. 4A and 4B can be implemented as executable code stored on a computer readable medium (e.g., a hard disk drive, a floppy drive, a random access memory, a read only memory, an EPROM, a compact disk, etc.).
The method begins instep60, where a lowdefault data rate32 is predetermined, for example relative to known audio encoding rates, that is able to substantially restrict transfer of audio data files. The processor46 then provisions thedownstream link interface40 to a prescribeddownstream link bandwidth22 for broadband access, independent of theupstream link24.
Theselector resource48 within the processor46 configures instep64 the upstream link bandwidth for thelow data rate32 as thedefault data rate42, enabling theuser node14 to send data anonymously and without any authorization, into thebroadband network10 via theupstream connection24 at thelow data rate32.
If instep66 no bandwidth increase is requested, theupstream link24 is maintained at the low-bandwidthdefault data rate32 instep68. However if instep68 the processor portion46 detects a bandwidth increase request from theuser node14, components of the processor portion46 determine the presence of any associated content protection attributes associated with the transfer by theuser node14.
For example, the contentprotection tag identifier50bdetermines instep70 whether a licensing key is supplied, and thecertificate detector50cdetermines instep70 whether an ownership certificate was supplied with the request. If no such content protection attribute was received instep70, the processor portion46 forwards the request to theauthentication server16 instep72. If instep74 an approval response is not received from theauthorization server16, theuser verification processor50arequests instep76 for user verification that he/she is authorized to transfer the media data file. Theuser verification processor50athen determines instep78 whether user verification is received, for example within a prescribed time interval during an authentication session.
If the processor portion receives any one of the above-described authorized content protection attributes associated with the transfer of the media data file by theuser node14, as described above with respect tosteps70,74, and78, theselector resource48 increases the upstream bandwidth to the high-bandwidth data rate44 to provide a high-rateupstream connection34 instep80, illustrated with respect toFIG. 4B. If no content protection attribute is received, the upstream link is maintained at thedefault data rate42 instep68.
Referring toFIG. 4B, once theupstream connection24 has been set to ahigh bandwidth connection34 instep80, thelog resource52 logs the determined content protection attributes and the transfer metrics associated with the data transfer via the high bandwidthupstream link34. Theaudit resource54 can later compare instep84 the log transfer metrics and the content protection attributes and analyze instep86 whether any inconsistencies are detected between the log transfer metrics and the content protection attributes. The results of the audit procedure by theaudit resource54 can then be logged instep88 for traceability.
According to the disclosed embodiment, unauthorized content redistribution can be effectively controlled by limiting upstream bandwidth data rates to substantially low data rate values that substantially restrict the transfer of media data files. Although the substantially low-bandwidthupstream connection32 to not actually prevent a person who is determined to utilize the low-bandwidthupstream connection32 for data transfers lasting substantially long time intervals (e.g., hours), the substantially long time intervals that would be necessary to transmit large data files on a relatively small bandwidth connection serves to deter most users from engaging in unauthorized content redistribution. The low bandwidth distribution also permits “advertising” of higher quality content in the form of a short trailer or a low quality rendering.
The disclosed arrangements also can be used in conjunction with other content protection schemes, including endpoint based encryption encoding and user device decryption, without any alteration in the existing systems other than the use of secure certificate properties. Consequently, if a large encrypted file was to be transferred without a trusted credential, the broadband network device would consider the file transfer as unauthorized and limit transfer according to the default bandwidth.
While the disclosed embodiment has been described in connection with what is presently considered to be the most practical and preferred embodiment, it is to be understood that the invention is not limited to the disclosed embodiments, but, on the contrary, is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.

Claims (43)

1. A method in a broadband network device configured for providing an ingress network connection for a user node to send data into a broadband network, the method comprising:
configuring, by the broadband network device, the ingress network connection to a default data rate having a first data rate that substantially restricts transfer of a media data file into the broadband network by the user node; and
selectively setting the ingress network connection, by the broadband network device and for a prescribed interval, from the default data rate to a second data rate enabling unrestricted transfer of the media data file into the broadband network by the user node, based on a determined content protection attribute associated with the media data file and the transfer of the media data file by the user node.
12. A broadband network device configured for providing an ingress network connection for a user node to send data into a broadband network, the broadband network device comprising:
a network interface configured for establishing the ingress network connection with the user node for sending of data by the user node into the broadband network at a selected data rate; and
a processor configured for selecting the selected data rate to a default data rate having a first data rate that substantially restricts transfer of a media data file into the broadband network by the user node, the processor configured for selectively changing the selected data rate from the default data rate at the first data rate to a second data rate for a prescribed interval based on a determined content protection attribute associated with the media data file and the transfer of the media data file by the user node, the second data rate enabling unrestricted transfer of the media data file into the broadband network by the user node.
22. A non-transitory computer readable medium having stored thereon sequences of instructions for providing an ingress network connection by a broadband network device for a user node to send data into a broadband network, the sequences of instructions including instructions for performing the steps of:
configuring, by the broadband network device, the ingress network connection to a default data rate having a first data rate that substantially restricts transfer of a media data file into the broadband network by the user node; and
selectively setting the ingress network connection, by the broadband network device and for a prescribed interval, from the default data rate to a second data rate enabling unrestricted transfer of the media data file into the broadband network by the user node, based on a determined content protection attribute associated with the media data file and the transfer of the media data file by the user node.
US10/212,6892002-08-072002-08-07Arrangement for controlling content distribution by dynamically controlling bandwidth for transfer of the content based on content authorizationActive2029-02-28US8024808B1 (en)

Priority Applications (1)

Application NumberPriority DateFiling DateTitle
US10/212,689US8024808B1 (en)2002-08-072002-08-07Arrangement for controlling content distribution by dynamically controlling bandwidth for transfer of the content based on content authorization

Applications Claiming Priority (1)

Application NumberPriority DateFiling DateTitle
US10/212,689US8024808B1 (en)2002-08-072002-08-07Arrangement for controlling content distribution by dynamically controlling bandwidth for transfer of the content based on content authorization

Publications (1)

Publication NumberPublication Date
US8024808B1true US8024808B1 (en)2011-09-20

Family

ID=44587194

Family Applications (1)

Application NumberTitlePriority DateFiling Date
US10/212,689Active2029-02-28US8024808B1 (en)2002-08-072002-08-07Arrangement for controlling content distribution by dynamically controlling bandwidth for transfer of the content based on content authorization

Country Status (1)

CountryLink
US (1)US8024808B1 (en)

Cited By (14)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US20060230460A1 (en)*2002-12-202006-10-12Koninklijke Philips Electronics N.V.Hierarchical scheme for secure multimedia distribution
US20080209462A1 (en)*2007-02-262008-08-28Michael RodovMethod and service for providing access to premium content and dispersing payment therefore
US20090178058A1 (en)*2008-01-092009-07-09Microsoft CorporationApplication Aware Networking
US20100008502A1 (en)*2008-07-082010-01-14Koichi OgasawaraContent distribution system, content reception terminal, content distribution method and processing method performed when viewing streaming contents
US20110038630A1 (en)*2002-09-032011-02-17Hitachi, Ltd.Packet communicating apparatus
US20130111556A1 (en)*2011-10-312013-05-02Motorola Mobility, Inc.Methods and apparatuses for hybrid desktop environment data usage authentication
US20140065970A1 (en)*2005-03-082014-03-06Broadcom CorporationMechanism for improved interoperability when content protection is used with an audio stream
US20140143797A1 (en)*2009-04-272014-05-22Mitsubishi Electric CorporationStereoscopic video distribution system, stereoscopic video distribution method, stereoscopic video distrubtion apparatus, stereoscopic video viewing system, stereoscipic video viewing method, and stereoscopic video viewing apparatus
US8769705B2 (en)2011-06-102014-07-01Futurewei Technologies, Inc.Method for flexible data protection with dynamically authorized data receivers in a content network or in cloud storage and content delivery services
US20150113038A1 (en)*2007-06-212015-04-23Intel CorporationDistributing intelligence across networks
US10078739B1 (en)*2014-10-012018-09-18Securus Technologies, Inc.Compelling data collection via resident media devices in controlled-environment facilities
US10708129B1 (en)*2016-10-192020-07-07Amazon Technologies, Inc.Changing hardware capabilities of a device
US10904086B1 (en)2016-09-302021-01-26Amazon Technologies, Inc.Device capabilities management from a service provider environment
US11323317B1 (en)2016-10-192022-05-03Amazon Technologies, Inc.Software capabilities management from a service provider environment

Citations (12)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US6253193B1 (en)1995-02-132001-06-26Intertrust Technologies CorporationSystems and methods for the secure transaction management and electronic rights protection
WO2001057869A2 (en)*2000-02-012001-08-09Koninklijke Philips Electronics N.V.Protecting content from illicit reproduction by proof of existence of a complete data set
US6438666B2 (en)*1997-09-262002-08-20Hughes Electronics CorporationMethod and apparatus for controlling access to confidential data by analyzing property inherent in data
US20020129140A1 (en)*2001-03-122002-09-12Ariel PeledSystem and method for monitoring unauthorized transport of digital content
US6473793B1 (en)*1994-06-082002-10-29Hughes Electronics CorporationMethod and apparatus for selectively allocating and enforcing bandwidth usage requirements on network users
US20020191573A1 (en)*2001-06-142002-12-19Whitehill Eric A.Embedded routing algorithms under the internet protocol routing layer of a software architecture protocol stack in a mobile Ad-Hoc network
US6529475B1 (en)*1998-12-162003-03-04Nortel Networks LimitedMonitor for the control of multimedia services in networks
US20030208621A1 (en)*2002-05-062003-11-06Sandvine IncorporatedPath optimizer for peer to peer networks
US6658010B1 (en)*1996-07-252003-12-02Hybrid Networks, Inc.High-speed internet access system
US6781991B1 (en)*1999-02-262004-08-24Lucent Technologies Inc.Method and apparatus for monitoring and selectively discouraging non-elected transport service over a packetized network
US20040205208A1 (en)*2001-03-262004-10-14Juha KoponenMethod and arrangements for providing efficient information transfer over a limited speed communications link
US6904265B1 (en)*2001-04-112005-06-07Hughes Electronics CorporationCapacity management in a broadband satellite communications system

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US6473793B1 (en)*1994-06-082002-10-29Hughes Electronics CorporationMethod and apparatus for selectively allocating and enforcing bandwidth usage requirements on network users
US6253193B1 (en)1995-02-132001-06-26Intertrust Technologies CorporationSystems and methods for the secure transaction management and electronic rights protection
US6658010B1 (en)*1996-07-252003-12-02Hybrid Networks, Inc.High-speed internet access system
US6438666B2 (en)*1997-09-262002-08-20Hughes Electronics CorporationMethod and apparatus for controlling access to confidential data by analyzing property inherent in data
US6529475B1 (en)*1998-12-162003-03-04Nortel Networks LimitedMonitor for the control of multimedia services in networks
US6781991B1 (en)*1999-02-262004-08-24Lucent Technologies Inc.Method and apparatus for monitoring and selectively discouraging non-elected transport service over a packetized network
WO2001057869A2 (en)*2000-02-012001-08-09Koninklijke Philips Electronics N.V.Protecting content from illicit reproduction by proof of existence of a complete data set
US20020129140A1 (en)*2001-03-122002-09-12Ariel PeledSystem and method for monitoring unauthorized transport of digital content
US20040205208A1 (en)*2001-03-262004-10-14Juha KoponenMethod and arrangements for providing efficient information transfer over a limited speed communications link
US6904265B1 (en)*2001-04-112005-06-07Hughes Electronics CorporationCapacity management in a broadband satellite communications system
US20020191573A1 (en)*2001-06-142002-12-19Whitehill Eric A.Embedded routing algorithms under the internet protocol routing layer of a software architecture protocol stack in a mobile Ad-Hoc network
US20030208621A1 (en)*2002-05-062003-11-06Sandvine IncorporatedPath optimizer for peer to peer networks

Non-Patent Citations (8)

* Cited by examiner, † Cited by third party
Title
Blake et al., "An Architecture for Differentiated Services", Dec. 1998, RFC 2475.*
Craver et al., "Reading Between the Lines: Lessons from the SDMI Challenge", Proceedings of the 10th USENIX Security Symposium, Aug. 13-17, 2001, The USENIX Association.
Gillmor, "Dan Gillmor: The technology behind Napster is far from dead", SiliconValley.com, May 15, 2002.
Product literature, "Packetshaper", www.packeteer.com/products/packetshaper, Apr. 23, 2002.
Product literature, replaytv(TM) 4000, www.sonicblue.com, May 15, 2002.
Product literature, replaytv™ 4000, www.sonicblue.com, May 15, 2002.
Technical Specifications, replaytv(TM) 4000, www.sonicblue.com, May 15, 2002.
Technical Specifications, replaytv™ 4000, www.sonicblue.com, May 15, 2002.

Cited By (22)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US20110038630A1 (en)*2002-09-032011-02-17Hitachi, Ltd.Packet communicating apparatus
US8218544B2 (en)*2002-09-032012-07-10Hitachi, Ltd.Packet communicating apparatus
US20060230460A1 (en)*2002-12-202006-10-12Koninklijke Philips Electronics N.V.Hierarchical scheme for secure multimedia distribution
US8127361B2 (en)*2002-12-202012-02-28Koninklijke Philips Electronics N.V.Hierarchical scheme for secure multimedia distribution
US20140065970A1 (en)*2005-03-082014-03-06Broadcom CorporationMechanism for improved interoperability when content protection is used with an audio stream
US8521650B2 (en)*2007-02-262013-08-27Zepfrog Corp.Method and service for providing access to premium content and dispersing payment therefore
US20080209462A1 (en)*2007-02-262008-08-28Michael RodovMethod and service for providing access to premium content and dispersing payment therefore
US9076174B2 (en)2007-02-262015-07-07Zepfrog Corp.Method and service for providing access to premium content and dispersing payment therefore
US9531777B2 (en)2007-06-212016-12-27Intel CorporationDistributing intelligence across networks
US20150113038A1 (en)*2007-06-212015-04-23Intel CorporationDistributing intelligence across networks
US9544347B2 (en)*2007-06-212017-01-10Intel CorporationDistributing intelligence across networks
US20090178058A1 (en)*2008-01-092009-07-09Microsoft CorporationApplication Aware Networking
US20100008502A1 (en)*2008-07-082010-01-14Koichi OgasawaraContent distribution system, content reception terminal, content distribution method and processing method performed when viewing streaming contents
US10356388B2 (en)*2009-04-272019-07-16Mitsubishi Electric CorporationStereoscopic video distribution system, stereoscopic video distribution method, stereoscopic video distribution apparatus, stereoscopic video viewing system, stereoscopic video viewing method, and stereoscopic video viewing apparatus
US20140143797A1 (en)*2009-04-272014-05-22Mitsubishi Electric CorporationStereoscopic video distribution system, stereoscopic video distribution method, stereoscopic video distrubtion apparatus, stereoscopic video viewing system, stereoscipic video viewing method, and stereoscopic video viewing apparatus
US8769705B2 (en)2011-06-102014-07-01Futurewei Technologies, Inc.Method for flexible data protection with dynamically authorized data receivers in a content network or in cloud storage and content delivery services
US8832799B2 (en)*2011-10-312014-09-09Motorola Mobility LlcMethods and apparatuses for hybrid desktop environment data usage authentication
US20130111556A1 (en)*2011-10-312013-05-02Motorola Mobility, Inc.Methods and apparatuses for hybrid desktop environment data usage authentication
US10078739B1 (en)*2014-10-012018-09-18Securus Technologies, Inc.Compelling data collection via resident media devices in controlled-environment facilities
US10904086B1 (en)2016-09-302021-01-26Amazon Technologies, Inc.Device capabilities management from a service provider environment
US10708129B1 (en)*2016-10-192020-07-07Amazon Technologies, Inc.Changing hardware capabilities of a device
US11323317B1 (en)2016-10-192022-05-03Amazon Technologies, Inc.Software capabilities management from a service provider environment

Similar Documents

PublicationPublication DateTitle
US8321584B2 (en)Method and apparatus for offering preferred transport within a broadband subscriber network
US8024808B1 (en)Arrangement for controlling content distribution by dynamically controlling bandwidth for transfer of the content based on content authorization
US7987359B2 (en)Information communication system, information communication apparatus and method, and computer program
US20040199604A1 (en)Method and system for tagging content for preferred transport
US7437458B1 (en)Systems and methods for providing quality assurance
US7886365B2 (en)Content-log analyzing system and data-communication controlling device
EP2596451B1 (en)Digital rights domain management for secure content distribution in a local network
CN101453624B (en)Playing on demand system for video
JP5913548B2 (en) CONTENT DISTRIBUTION DEVICE, CONTENT DISTRIBUTION METHOD, CONTENT RELAY DEVICE, CONTENT RELAY METHOD, AND PROGRAM THEREOF
US7793337B2 (en)Systems and methods for controlled transmittance in a telecommunication system
KR101153013B1 (en)Binding content to a domain
US7949703B2 (en)Group admission system and server and client therefor
US20060200415A1 (en)Videonline security network architecture and methods therefor
US20100083362A1 (en)Method and system of managing and allocating communication related resources
US20060165082A1 (en)System and method for facilitating communication between a CMTS and an application server in a cable network
US20040196842A1 (en)Method and system for according preferred transport based on node identification
US8959610B2 (en)Security bridging
KR20040108533A (en)Contents transmitter, contents receiver, and contents transfer method
CN104270614A (en) A video encryption and decryption method and device
CN100429897C (en)Information communication system, transmission device, and transmission method
US7865723B2 (en)Method and apparatus for multicast delivery of program information
US20100250439A1 (en)Apparatus and method for protecting contents streamed through re-transmission
JP2004153590A (en) Content distribution method and content storage device storage device therefor
KR20070085748A (en) Digital rights management using network topology test
KR20060099134A (en) A mobile communication terminal equipped with a function of shortening the storage and playback time of contents and its operation method

Legal Events

DateCodeTitleDescription
ASAssignment

Owner name:CISCO TECHNOLOGY, INC., CALIFORNIA

Free format text:ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:GLEICHAUF, PAUL HARRY;REEL/FRAME:013178/0535

Effective date:20020802

STCFInformation on status: patent grant

Free format text:PATENTED CASE

FPAYFee payment

Year of fee payment:4

MAFPMaintenance fee payment

Free format text:PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment:8

FEPPFee payment procedure

Free format text:11.5 YR SURCHARGE- LATE PMT W/IN 6 MO, LARGE ENTITY (ORIGINAL EVENT CODE: M1556); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

MAFPMaintenance fee payment

Free format text:PAYMENT OF MAINTENANCE FEE, 12TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1553); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment:12
[8]ページ先頭
©2009-2025 Movatter.jp